What is Single Sign-On (SSO) & How to Implement it?

Single Sign-On (SSO) is a method of authentication that allows a user to gain access to multiple applications or sites with a single login credential. Single Sign-On is gaining popularity because it is convenient for end users. Most banking websites now provide SSO to their users across applications.

How does SSO work?

To understand how SSO works, let’s take an example.

Mark is a Software Engineer who created a website with basic authentication. For that, he created a login page where a user has to provide valid credentials to log in successfully. As his site started gaining popularity, Mark decided to create a new product (another website).

After a positive response, he decided to connect the authentication of both websites, as he didn’t want his existing users to sign up again for his new website. To solve this, he decided to implement Single Sign-On on his website.


How has Mark implemented it?

In this flow, I’m going to use two terms: Client 1 (Mark’s first website, where he wants to offer Single Sign-On so that his existing users are automatically logged in to his new website) and Client 2 (the new website). The flow starts when a user successfully logs in to Client 1 and clicks on the link “Take me to Client 2”.

1. Client 1 sends an authentication request to the SSO system.
2. The SSO system validates the credentials.
3. On successful authentication, it generates an access token.
4. Client 1 sends a request to validate the customer/user with the access token.
5. The SSO system validates the access token and user data.
6. Upon successful validation, the SSO system sends the Single Sign-On token and the URL (in this case, the URL of the new website).
7. Client 1 then redirects the user to the redirection URL and sends the Single Sign-On token in a form POST.
8. Client 2 then validates the SSO token and auto-logs the user in to the new application.
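
A minimal sketch of steps 6 to 8, added here as an illustration; it is not Mark's implementation or any SSO product's code. The token format (HMAC-SHA256 over JSON claims), the shared key, the `sso_token` field name and the `client2.example` URL are assumptions, since the flow above does not specify them.

```python
import base64, hashlib, hmac, html, json, secrets, time

# Assumption: the SSO system and Client 2 share this key out of band.
SHARED_KEY = secrets.token_bytes(32)
CLIENT2_URL = "https://client2.example/sso"  # constructed placeholder URL
_seen_token_ids = set()  # Client 2's replay cache (in memory for this demo)


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def issue_sso_token(user_id, audience, key=SHARED_KEY, ttl=60, now=None):
    """Step 6: the SSO system mints a short-lived token bound to one client."""
    issued = int(now if now is not None else time.time())
    claims = {"sub": user_id, "aud": audience, "exp": issued + ttl,
              "jti": secrets.token_hex(16)}  # jti = unique, single-use id
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def redirect_form(token, url=CLIENT2_URL):
    """Step 7: Client 1 POSTs the token so it stays out of URLs and logs."""
    return (f'<form method="post" action="{html.escape(url, quote=True)}">'
            f'<input type="hidden" name="sso_token" value="{html.escape(token, quote=True)}">'
            '</form><script>document.forms[0].submit()</script>')


def validate_sso_token(token, expected_audience, key=SHARED_KEY, now=None):
    """Step 8: Client 2 returns the user id or raises ValueError."""
    body, _, sig = token.partition(".")
    expected = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))  # safe: signature verified
    if claims["aud"] != expected_audience:
        raise ValueError("token issued for a different client")
    if (now if now is not None else time.time()) >= claims["exp"]:
        raise ValueError("token expired")
    if claims["jti"] in _seen_token_ids:
        raise ValueError("token already used")
    _seen_token_ids.add(claims["jti"])
    return claims["sub"]
```

Client 2 should create the user's session only after all four checks pass; in a real deployment the replay cache would live in shared storage with entries expiring alongside the tokens.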

Hope this has been informative for you to try out ‘Single Sign-On’ on your application!
